package com.example.paopao.passport.controller;

import com.example.paopao.common.pojo.security.CurrenPrincipal;
import com.github.xiaoymin.knife4j.annotations.ApiOperationSupport;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import springfox.documentation.annotations.ApiIgnore;

@RestController
@RequestMapping("/v1/test/")
@Api(tags = "3. 测试访问")
public class TestController {

    @GetMapping("permit")
    @ApiOperation("不需要通过认证")
    @ApiOperationSupport(order = 100)
    public String permit() {
        return "成功处理请求：不需要通过认证的请求";
    }

    @GetMapping("authenticated")
    @ApiOperation("需要通过认证")
    @ApiOperationSupport(order = 110)
    public String authenticated() {
        return "成功处理请求：需要通过认证的请求";
    }

    @GetMapping("principal")
    @ApiOperation("识别当事人")
    @ApiOperationSupport(order = 120)
    public String principal(@ApiIgnore @AuthenticationPrincipal CurrenPrincipal principal) {//@ApiIgnore @AuthenticationPrincipal CurrentPrincipal principal
//        CurrenPrincipal principal = (CurrenPrincipal)SecurityContextHolder
//                .getContext()
//                .getAuthentication()
//                .getPrincipal();
        return "成功处理请求：需要通过认证，且识别当事人：" + principal.getUsername();
    }

    @GetMapping("create-account")
    @PreAuthorize("hasAuthority('/user/contact')")
    @ApiOperation("需要具有权限")
    @ApiOperationSupport(order = 130)
    public String hasAuthority() {
        return "成功处理请求：需要具有某个权限";
    }

}